package com.szy.servlet;

import java.io.IOException;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.Servlet;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.mysql.jdbc.Statement;

public class LoginServlet extends HttpServlet implements Servlet {
	public LoginServlet ()
	 {
	 }
	 @Override
	 protected void doGet ( HttpServletRequest arg0, HttpServletResponse arg1 )
	   throws ServletException, IOException
	 {
		 doPost(arg0, arg1);
	 }
	
	 @Override
	 protected void doPost ( HttpServletRequest request, HttpServletResponse response )
	   throws ServletException, IOException
	 {
	  response.setContentType ( "text/html" );
	  String result = "";
	  // 获取用户名
	  String sUserName = request.getParameter ( "username" );
	  String sPasswd = request.getParameter ( "password" );
	  System.out.println(sUserName);
	  if ( sUserName == "" || sUserName == null || sUserName.length ( ) > 20 
		   || sPasswd =="" || sPasswd == null || sPasswd.length() > 40
	     )
	  {
		   	result = "请输入用户名（不超过20字符）！";
	    	request.setAttribute ( "ErrorUserName", result );
	    	response.sendRedirect ( "index.jsp" );
	    	return;
	  }
	  // 获取密码
	  if ( sPasswd == "" || sPasswd == null || sPasswd.length ( ) > 20 )
	  {
	   try
	   {
		   result = "请输入密码（不超过20字符）！";
		   request.setAttribute ( "ErrorPassword", result );
		   response.sendRedirect ( "index.jsp" );
	   } catch ( Exception e )
	   {
	   }
	  }
	  // 登记JDBC驱动程序

	  try
	  {
		  Class.forName ( "org.gjt.mm.mysql.Driver" ).newInstance ( );
	  } catch ( InstantiationException e )
	  {
	   // TODO Auto-generated catch block

	   e.printStackTrace ( );
	   System.out.println ("InstantiationException");
	  } catch ( IllegalAccessException e )
	  {
	   // TODO Auto-generated catch block

	   e.printStackTrace ( );
	   System.out.println ("IllegalAccessException");
	  } catch ( ClassNotFoundException e )
	  {
	   // TODO Auto-generated catch block

	   e.printStackTrace ( );
	   System.out.println ("ClassNotFoundException");
	  }
	  // 连接参数与Access不同

	  String url = "jdbc:mysql://localhost/test";
	  // 建立连接

	  java.sql.Connection connection = null;
	  Statement stmt = null;
	  ResultSet rs = null;
	  try
	  {
	   connection = DriverManager.getConnection ( url, "root", "123456" );
	   stmt =(Statement) connection.createStatement();
	   // SQL语句
	   String sql = "select * from user where username='" + sUserName
	     + "' and passwd = '" + sPasswd + "'";
	   rs = stmt.executeQuery ( sql );// 返回查询结果

	  } catch ( SQLException e )
	  {
	   // TODO Auto-generated catch block

	   e.printStackTrace ( );
	  }
	  try
	  {
	   if ( rs.next ( ) )// 如果记录集非空，表明有匹配的用户名和密码，登陆成功
	   {
	    // 登录成功后将sUserName设置为session变量的UserName
	    // 这样在后面就可以通过 session.getAttribute("UserName") 来获取用户名，
	    // 同时这样还可以作为用户登录与否的判断依据
	    request.getSession ( ).setAttribute ( "UserName", sUserName );
	    request.getSession ( ).setAttribute ( "passwd", sPasswd );
	    request.getSession ( ).setAttribute ( "Login", "true" );
	    response.sendRedirect ( "AddNewsMain.jsp" );
	   } else
	   {
	    // 否则登录失败
	   // response.sendRedirect ( "MyJsp.jsp" );
	    request.getSession ( ).setAttribute ( "UserName", sUserName );
	    response.sendRedirect ( "login_failure.jsp" );
	   }
	  } catch ( SQLException e )
	  {
	   // TODO Auto-generated catch block
	   e.printStackTrace ( );
	  }
	  try
	  {
	   if ( null!=rs )
	   {
	    rs.close ( );
	   }
	   if ( null!=stmt )
	   {
	    stmt.close ( );
	   }
	   if ( null!=connection )
	   {
	    connection.close ( );
	   }
	  } catch ( SQLException e )
	  {
	   // TODO Auto-generated catch block

	   e.printStackTrace ( );
	  }
	 }
	 /**
	  *
	  */
	 private static final long serialVersionUID = 1L;

}
